ldapsearch over SSL can not bind
Herbert J. Skuhra
herbert at oslo.ath.cx
Tue Nov 3 06:50:09 UTC 2015
On Mon, Nov 02, 2015 at 05:22:14PM +0100, Matthias Apitz wrote:
>
> Hello,
>
> I'm trying to make from FreeBSD a LDAPsearch in some Novell eDirectory
> with the following command:
>
> $ ldapsearch -Z -H ldaps://romega:1027 -b 'ou=person,o=uni' -D 'cn=XXXXXXXXXX,ou=service,o=uni' -w XXXXXXXXXX
> ldap_start_tls: Can't contact LDAP server (-1)
> additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate in certificate chain)
> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Have you tried the TLS_ vars in ldap.conf(5); eg. TLS_CACERT,
TLS_REQCERT?
--
Herbert
More information about the freebsd-questions
mailing list